ftpserver.py in pyftpdlib before 0.5.0 does not delay its response after receiving an invalid login attempt, which makes it easier for remote attackers to obtain access via a brute-force attack.
{ "nvd_published_at": "2010-10-19T20:00:00Z", "cwe_ids": [ "CWE-287" ], "severity": "MODERATE", "github_reviewed": true, "github_reviewed_at": "2022-06-09T23:51:03Z" }